Connect with us
Active Currencies 14431
Market Cap $2,640,893,344,256.00
Bitcoin Share 50.04%
24h Market Cap Change $-2.93

Unravelling the controversy around Lido Finance’s token contract exploit

2min Read

Blockchain security firm SlowMist claimed there was an exploit involving Lido Finance’s contract token while the liquid staking protocol assured users that funds were safe.

Share this article

  • SlowMist said that the loophole allowed anyone to carry out transfers exceeding the amount of funds that they held.
  • LDO fell after the disclosure but recovered after Lido’s assurance.

Unscrupulous players exploited a known vulnerability in Lido Finance’s [LDO] token contract to launch “fake deposit” attacks on exchanges, according to blockchain security firm SlowMist. However, no on-chain evidence was provided as of this writing to ascertain the veracity of the claim.

Within seven hours of the disclosure, Lido assured users that their funds in governance token LDO and liquid staking token Lido Staked ETH [stETH] were safe.


Realistic or not, here’s LDO’s market cap in BTC terms


Arguments and counterarguments

Providing more details, SlowMist said that the security loophole allowed anyone to carry out transfers exceeding the amount of funds that they held. Due to the logical flaw, instead of the ideal transaction rollback scenario, a false return was triggered.

Source: SlowMist

SlowMist had a word of caution for exchanges,

“Be aware that there are many token contracts in the market that do not adhere to the ERC20 standard. Before integrating new tokens, ensure a deep understanding and analysis of their contract code to ensure the correct deposit logic.”

However, Lido was not convinced. It stated that the particular behavior was not confined to LDO tokens but extended to all other ERC-20 tokens as well.

Using the ERC-20 standard as a guide, Lido demonstrated how the logic returned transfer status in all regular scenarios and only reverted the transaction in “exceptional” circumstances.

LDO witnesses a fall

As the issue escalated, LDO began to feel the heat. Lido’s native token fell 4.5% to $1.45 in the hours following SlowMist’s post on social media platform X, formerly Twitter. However, Lido’s counterargument served to calm the waters. LDO recovered to $1.49 at the time of writing, data from CoinMarketCap revealed.


Is your portfolio green? Check out the LDO Profit Calculator


Source: CoinMarketCap

As per Santiment, there was a noticeable rise in LDO trading volumes which suggested that panicky holders tried to get rid of their stashes.

Moreover, LDO’s social volume spiked. This indicated that the negative chatter around the token had increased on crypto-focused social groups of popular forums.

Source: Santiment

Share

Aniket Verma works as a journalist at AMBCrypto. Contrary to most who are primarily interested in merely tracking price movements of cryptos, his focus is on examining the niche intersection between cryptocurrencies and traditional finance. A so-so Bitcoin maximalist, Aniket has a strong disdain for memecoins and the unfounded frenzy they seem to generate every market season. Coming from a strong engineering background, Aniket previously worked as a Content Manager for TV9 Network. Before his stint over there, he was an Associate Multimedia News Producer at Reuters.
Read the best crypto stories of the day in less than 5 minutes
Subscribe to get it daily in your inbox.
Please check the format of your first name and/or email address.

Thank you for subscribing to Unhashed.